steam3d
commented
4 days ago AACP behaves differently depending on which capabilities are supported by the AirPods or Beats. Some Beats headphones do not have an infrared sensor; I noticed that on such headphones you can't control ANC. I suppose the iPhone sends different initialization packets, but the handshake message remains the same.
The interesting thing AirPods and Beats headphones does not notify some own settings intead of it the iPhone override settings during L2CAP connection and when you connect AirPods to iPad, the iPad will also override settings inside AirPods.
You can easily check this. Set up different settings for the 'Press and Hold' feature on the iPhone and iPad, and connect an Android phone after the iPhone. Try to switch between ANC modes and repeat the same with the iPad. You will notice that the settings are always overridden
vulpes2
Apple has renamed the protocol to AACP, still don't know what it stands for, maybe Apple Audio Configuration Protocol? Either way, here's the basic framing info for the AACP messages.
An AACP packet has a u16 type field, a u16 service ID field, and a payload. The service ID is always 4 after the connection has been established, other service IDs have not been observed so far.
There are five packet types:
u16 major, u16 minor, u64 featuresu16 status, u16 major, u16 minor, u64 featuresu16 statusu16 opcode, payloadPayload for the AACP message packet varies depends on the opcode, they are either fixed size or will have a size field somewhere. For example, opcode 0x9 is a configuration message with a fixed payload of 5 bytes. The first byte is the configuration type, and the following 4 bytes are the values. Not all settings use all the 4 bytes, most will leave the unused bytes as 0x00.
More docs will follow in a few weeks, I just don't have time to write them yet. Handoff seems to be iCloud related and probably beyond my capabilities to figure out, most of my efforts so far have been centered around parsing all the AACP messages I can capture.